Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/jjb_MdZdK4fqJlNS02nREtBZ_w4.roa
File: jjb_MdZdK4fqJlNS02nREtBZ_w4.roa (raw, json)
Hash identifier: T4s8uqti7gI3pFJPYadzHWOBo+FGCp7vMnQ+0KSoSgE=
Subject key identifier: 8E:36:FF:31:D6:5D:2B:87:EA:26:53:52:D3:69:D1:12:D0:59:FF:0E
Certificate issuer: /CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Certificate serial: 019E7CDAFDBB555E0BC4F176C896009DB114
Authority key identifier: 3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/jjb_MdZdK4fqJlNS02nREtBZ_w4.roa
Signing time: Sun 31 May 2026 07:06:27 +0000
ROA not before: Sun 31 May 2026 07:06:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 86.109.74.0/24 maxlen: 24
86.109.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jun 2026 11:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:7c:da:fd:bb:55:5e:0b:c4:f1:76:c8:96:00:9d:b1:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d7b9dffaae33ec2cf19b5ad4e49c1e9eb1d9d64
Validity
Not Before: May 31 07:06:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e36ff31d65d2b87ea265352d369d112d059ff0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:30:ac:21:9e:d2:63:3d:19:e1:f0:7e:3b:d8:
50:92:2f:9a:75:fe:13:06:86:65:77:0d:af:41:fd:
3e:5e:32:4b:f1:fa:c0:74:0f:4f:22:85:f1:2f:de:
ea:bd:2a:ed:a8:ab:47:c5:75:79:dd:d4:9f:83:d3:
68:96:36:ae:cd:8f:e2:cd:7f:5f:f0:ce:83:ca:97:
3c:59:4c:52:45:b5:16:a0:c8:57:28:22:bc:ca:f0:
51:3a:b9:d6:10:6c:09:b2:7d:76:a4:47:38:d2:0f:
3a:7c:4b:49:c6:68:4b:24:6d:be:4d:07:65:d8:87:
91:b1:3c:ca:a0:7c:d3:bc:9c:aa:73:aa:0e:ce:89:
b6:a1:43:1c:02:58:2d:46:51:4c:85:75:5b:46:24:
38:2e:ea:fc:6d:91:4b:64:36:26:d1:10:a5:2e:57:
55:2f:22:ea:c6:9e:da:66:27:5e:5b:44:d3:d0:bf:
9e:29:b7:f2:c6:5a:1f:85:de:86:8d:60:f3:1f:5a:
a4:52:b7:20:18:6f:96:df:b9:3b:37:48:47:a8:ca:
7f:4c:d3:09:d7:a8:ed:67:78:05:ab:df:19:53:4e:
0a:20:92:e2:4b:d5:8f:a4:3f:fb:6e:4e:12:a3:c8:
57:65:cd:92:56:30:e5:05:eb:5c:83:20:5a:9f:d1:
7c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:36:FF:31:D6:5D:2B:87:EA:26:53:52:D3:69:D1:12:D0:59:FF:0E
X509v3 Authority Key Identifier:
keyid:3D:7B:9D:FF:AA:E3:3E:C2:CF:19:B5:AD:4E:49:C1:E9:EB:1D:9D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PXud_6rjPsLPGbWtTknB6esdnWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/jjb_MdZdK4fqJlNS02nREtBZ_w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/49195b-2909-46e0-abce-422523c4e68b/1/PXud_6rjPsLPGbWtTknB6esdnWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.74.0/24
86.109.76.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:5c:b0:38:a8:b7:5d:cd:53:20:6a:0c:ec:1a:d2:88:3a:6f:
d7:cd:a6:93:b8:fa:d6:35:2b:a2:4f:c4:75:74:50:37:3c:3a:
43:25:f6:05:72:25:40:85:70:7f:59:36:9a:f4:ab:53:b9:e8:
a2:d5:bd:0b:dd:2c:5c:4a:91:5c:b7:16:53:44:9b:26:d3:81:
f2:78:f8:cb:7e:7a:d5:34:6e:e4:53:1b:cf:89:9c:58:63:ee:
47:8a:2f:c9:51:5a:75:42:40:03:da:d5:c8:27:be:14:b0:fa:
c1:45:d5:ff:6a:9c:64:cd:4a:8d:de:cc:3b:70:1f:30:c2:9d:
6d:42:93:55:78:f2:50:20:22:03:46:bf:43:53:75:ca:92:cf:
7f:02:e3:e9:bd:c2:15:a1:32:ad:b7:8f:b5:67:28:c3:23:be:
47:65:e8:5b:a6:5f:a8:56:d5:f9:f2:7f:01:a3:4a:26:65:43:
c1:3e:65:52:f7:4b:65:af:73:fd:b8:30:9f:3d:fa:87:ad:80:
82:6e:d5:b0:69:77:41:00:83:0b:26:35:b2:dd:80:1f:5e:ac:
eb:a8:19:a6:52:d8:93:11:2c:57:03:ff:1a:35:1d:4b:63:98:
69:c1:29:85:d9:ec:e2:43:29:ef:d5:fc:49:35:fd:5b:a2:7b:
cd:5b:fe:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ582v27VV4LxPF2yJYAnbEUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkN2I5ZGZmYWFlMzNlYzJjZjE5YjVhZDRlNDljMWU5ZWIx
ZDlkNjQwHhcNMjYwNTMxMDcwNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTM2ZmYzMWQ2NWQyYjg3ZWEyNjUzNTJkMzY5ZDExMmQwNTlmZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zCsIZ7SYz0Z4fB+O9hQki+adf4T
BoZldw2vQf0+XjJL8frAdA9PIoXxL97qvSrtqKtHxXV53dSfg9NoljauzY/izX9f
8M6Dypc8WUxSRbUWoMhXKCK8yvBROrnWEGwJsn12pEc40g86fEtJxmhLJG2+TQdl
2IeRsTzKoHzTvJyqc6oOzom2oUMcAlgtRlFMhXVbRiQ4Lur8bZFLZDYm0RClLldV
LyLqxp7aZideW0TT0L+eKbfyxlofhd6GjWDzH1qkUrcgGG+W37k7N0hHqMp/TNMJ
16jtZ3gFq98ZU04KIJLiS9WPpD/7bk4So8hXZc2SVjDlBetcgyBan9F8XwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI42/zHWXSuH6iZTUtNp0RLQWf8OMB8GA1UdIwQY
MBaAFD17nf+q4z7Czxm1rU5JwenrHZ1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2Ut
NDIyNTIzYzRlNjhiLzEvampiX01kWmRLNGZxSmxOUzAyblJFdEJaX3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80OTE5NWItMjkwOS00NmUwLWFiY2UtNDIyNTIzYzRlNjhi
LzEvUFh1ZF82cmpQc0xQR2JXdFRrbkI2ZXNkbldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVm1KAwQC
Vm1MMA0GCSqGSIb3DQEBCwUAA4IBAQBeXLA4qLddzVMgagzsGtKIOm/XzaaTuPrW
NSuiT8R1dFA3PDpDJfYFciVAhXB/WTaa9KtTueii1b0L3SxcSpFctxZTRJsm04Hy
ePjLfnrVNG7kUxvPiZxYY+5Hii/JUVp1QkAD2tXIJ74UsPrBRdX/apxkzUqN3sw7
cB8wwp1tQpNVePJQICIDRr9DU3XKks9/AuPpvcIVoTKtt4+1ZyjDI75HZehbpl+o
VtX58n8Bo0omZUPBPmVS90tlr3P9uDCfPfqHrYCCbtWwaXdBAIMLJjWy3YAfXqzr
qBmmUtiTESxXA/8aNR1LY5hpwSmF2eziQynv1fxJNf1bonvNW/7m
-----END CERTIFICATE-----
Generated at Fri Jun 26 21:06:34 2026 by rpki-client